<?php

class CommentController extends BackEndController {

    public function filters() {
        return array(
            'accessControl', // perform access control for CRUD operations
        );
    }

    public function accessRules() {
        return array(
            array(
                'allow',
                'actions' => array('login', 'logout'),
                'users' => array('*'),
            ),
            array(
                'allow',
                'actions' => array('index', 'view', 'create', 'update', 'admin', 'delete', 'published'),
                'users' => array('@'),
//                'expression' => 'Yii::app()->user->allowAdmin() || Yii::app()->user->allowNews() ',
            ),
            array('deny', // deny all users
                'users' => array('*'),
            )
        );
    }

    public function actionView($id) {
        $this->render('view', array(
            'model' => $this->loadModel($id),
        ));
    }

    public function actionCreate() {
        $model = new Comment;

        if (isset($_POST['Comment'])) {
            $model->attributes = $_POST['Comment'];
            if ($model->save())
                $this->redirect(array('index'));
        }

        $this->render('create', array(
            'model' => $model,
        ));
    }

    public function actionUpdate($id) {
        $model = $this->loadModel($id);
        if (isset($_POST['Comment'])) {
            $model->attributes = $_POST['Comment'];
            if ($model->save())
                $this->redirect(array('index'));
        }

        $this->render('update', array(
            'model' => $model,
        ));
    }

    public function actionDelete($id) {
        $this->loadModel($id)->delete();

        // if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
        if (!isset($_GET['ajax']))
            $this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('index'));
    }

    public function actionIndex() {
        $model = new Comment('search');
        $model->unsetAttributes(); // clear any default values
        if (isset($_GET['Comment']))
            $model->attributes = $_GET['Comment'];

        $this->render('admin', array(
            'model' => $model,
        ));
    }

    public function loadModel($id) {
        $model = Comment::model()->findByPk($id);
        if ($model === null)
            throw new CHttpException(404, 'The requested page does not exist.');
        return $model;
    }

    public function actionPublished() {
        if (!isset($_GET['published'])) throw new CHttpException(999, 'Invalid request');
        if (!isset($_GET['id'])) throw new CHttpException(999, 'Invalid request');
        $published = $_GET['published'];
        $id = $_GET['id'];

        $comment = Comment::model()->findByPk($id);
        if ($comment == null) throw new CHttpException(999, 'Invalid request');
        $comment->published = $published;
        $comment->save();

        $this->redirect(HSUrl::backendCommentUrl());
    }

    public function actionLogin() {
        $this->redirect(HSUrl::backendLoginUrl());
    }
}
